Mapsly users do not automatically their access restrictions from the CRM - their access level are defined in Mapsly by their user profile.

Access levels in Mapsly: objects, fields and records

Mapsly supports layered data security seen in most modern CRMs. Access can be restricted at the object level, field level and at the record level.

User profiles define access to objects and fields

To edit user profiles go to the main menu -> Setup -> Profiles & Permissions:

A user profile defines whether a user with this profile has access to the object at all or if it is entirely hidden from them, and for each object that is visible to the user - whether users can view or modify records:

Field-level access can be adjusted by clicking on the 3-dot icon.

Owner-level and non-owner-level access

The concept

Object-level and field-level access is defined separately for records owned by the user ("Owner" line on the screenshot above) and the rest of them ("Non-owner").

How Single Sign-On is used to determine ownership

If your Mapsly account is linked to your CRM organization with Single Sign-On, for users who logged into Mapsly with their CRM credentials Mapsly Mapsly saves their CRM IDs and then match them against the owner of each imported record: if a user's CRM ID matches a record's owner ID, the user is granted the Owner-level access; otherwise - the Non-owner access.

Re-configurable Owner field mapping

While for standard objects the Mapsly connector for your CRM pre-configures the Owner field mapping to the standard Owner field, you may change this mapping for any object in Setup -> [Your data source] -> Objects & fields:

How ownership is determined for data sources without Single Sign-On, and for manually added users (without automatically filled in CRM user ID)

For data sources that are not linked to the Mapsly account with Single Sign-On, users' CMR user ID's can be manually set by the account admin in user's Preferences -> Personal:

In combination with the manual mapping of the Owner field (mentioned above) this also enables ownership-based access control for manually added users.

Exact criteria of whether a user is the owner of a record

A user is granted owner-level access for a record only if the user’s CRM user ID (shown on the screenshot above) matches the record’s Owner. In other words, all of the following conditions must be met:

  • The record’s object has an Owner field.

  • The value of the Owner field is not null or empty.

  • The logged in Mapsly user is either linked to a CRM user via Single Sign-On or has their External User ID field filled in manually by an Administrator.

  • The User’s External User ID matches the records Owner.

If any of the these conditions are not met, the user is granted the non-owner-level access.

Ownership in objects with no owner ID field

If your object doesn't have an Owner field or the Owner field mapping is removed in the object's settings, Mapsly will assume such records are not owned by anyone so access to this data will be governed only by the Non-owner permission set.

Default user profiles and their settings

Out-of-the-box, Mapsly offers two user profiles that cannot be removed:

  • Administrator: has full access to imported data;

  • Standard user: can see all objects and fields, but has access only to records that they own.

Users automatically registered in a Mapsly account with Single Sign-On are assigned the Standard user profile by default. That's why it's not recommended to grant the Standard user profile access to Non-owned records.

You may adjust both Administrator's and Standard user's profile, and create more profiles to meet your needs.

Control access to features

In addition to controlling and restricting access to data, through user profiles' permissions you can also restrict access to Mapsly features like the ability to download data as CSV files from the Table view, draw territories or adjust field mapping when exporting data about local businesses to the CRM.

Record sharing rules

In addition to the Owner/Non-owner permissions you may share records, or grant additional access to fields in records that the user already had access to, by using record sharing rules.

Did this answer your question?